[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
Since this bug is affecting only Xenial and it reached end of standard support I will be marking it as Won't Fix. Moreover, the importance is set to Low. ** Changed in: nfs-utils (Ubuntu Xenial) Status: Triaged => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
** Tags removed: server-next -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
** Changed in: nfs-utils (Ubuntu Xenial) Status: New => Triaged ** Changed in: nfs-utils (Ubuntu Xenial) Importance: Undecided => Low -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
And the var name is wrong AGAIN: # echo RPCGSSDARGS=\"$RPCGSSDARGS\" vs ExecStart=/usr/sbin/rpc.gssd $GSSDARGS It's not like nfsv4 is easy to setup already -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
Oh, hm, I was mislead, this is using systemd already, it's just shipping the upstart files along for the ride. So: /lib/systemd/system/rpc-gssd.service reads /run/sysconfig/nfs-utils, which is generated by /lib/systemd/system/nfs-config.service by calling /usr/lib/systemd/scripts/nfs-utils_env.sh. That wrapper /usr/lib/systemd/scripts/nfs-utils_env.sh sources /etc/default/nfs-common and /etc/default/nfs-kernel-server, but doesn't handle rpc.gssd options. In fact, it has this comment: # the following are supported by the systemd units, but not exposed in default files ... # echo RPCGSSDARGS=\"$RPCGSSDARGS\" So even if you define RPCGSSDARGS in one of those /etc/default/nfs* files, it won't be passed along to the systemd service. Why was it decided like that? No idea :/ I guess the answer to my question in #10 is "use a systemd service override and add the -D option there"? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
How are you guys passing -D to rpc.gssd? I don't see any provision to do this via /etc/default/*, as the (on xenial) upstart job doesn't pass any command line parameters to rpc.gssd. It just calls: exec rpc.gssd Later releases, like bionic, use systemd and have grown a mechanism to pass options. I wonder if it's worth to SRU this patch, if there is no mechanism to pass the -D (or any other) option to the daemon. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
Fixed from bionic onwards. ** Also affects: nfs-utils (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: nfs-utils (Ubuntu) Assignee: Andreas Hasenack (ahasenack) => (unassigned) ** Changed in: nfs-utils (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
I'll take a look. ** Tags added: server-next ** Changed in: nfs-utils (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
There's a patch attached to the related Debian bug which works and is included in later packages. https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=803710;filename =nfs-utils-1.2.8_fix-avoid-dns.diff;msg=5 Can we get this into 16.04 please? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
I'm running into the same exact issue. Is there a workaround for this? My CentOS7.4 machines don't have this problem and I use a standard NFS mount script (with FQDN to mount all the shared directories on our systems). This requires me to have one for Ubuntu machines and one for CentOS. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
Has there been any progress on getting this pushed to 16.04.4? If it's not going to be pushed to the public repos any time soon, is it available in a testing repo. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
I just lost a good chunk of my evening to this. I'm using native IPv6 from my upstream ISP and therefore do not have control of rDNS. I was expecting the documented behavior and didn't realize I'd hit a bug until on a lark I added the IP address of the NFS server to the client's /etc/hosts file. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: nfs-utils (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
** Changed in: nfs-utils (Debian) Status: Unknown => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
** Bug watch added: Debian Bug tracker #803710 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803710 ** Also affects: nfs-utils (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803710 Importance: Unknown Status: Unknown ** Tags added: xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
** Description changed:
Description: Ubuntu 16.04.2 LTS
Release: 16.04
Package: nfs-common 1:1.2.8-9ubuntu12.1.0
This bug affects all active and proposed versions of nfs-common used by
ubuntu (as every version is based on nfs-utils_1.2.8) from trusty to
artful.
- There is a small error in the code for rpc.gssd that causes it to always
perform reverse DNS when looking up the server name to pass to GSSAPI. This
causes a problem for NFS4 in environments where reverse DNS is correctly
configured. This has been confirmed in Debian and a more recent version of
nfs-utils that appears to have fixed this has been pushed to sid:
+ There is a small error in the code for rpc.gssd that causes it to always
perform reverse DNS when looking up the server name to pass to GSSAPI. This
causes a problem for NFS4 in environments where reverse DNS is incorrectly
configured or not configurable by the system administrator. This has been
confirmed in Debian and a more recent version of nfs-utils that appears to have
fixed this has been pushed to sid:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803710
However, I do not know if that version of nfs-utils will make it to
ubuntu soon. Will it?
If not, the patch to this appears to be rather straightforward.
The error is an '== 1' instead of an '== 0' in two lines of gssd_proc.c that
are evaluated when the -D flag to rpc.gssd is not passed (and thus avoid_dns is
true)
--- utils/gssd/gssd_proc.c2017-06-11 15:47:35.0 -0700
+++ utils/gssd/gssd_proc_patch.c 2017-06-11 15:48:36.152115792 -0700
@@ -181,17 +181,17 @@
- if (avoid_dns) {
- /*
-* Determine if this is a server name, or an IP address.
-* If it is an IP address, do the DNS lookup otherwise
-* skip the DNS lookup.
-*/
- servername = 0;
+ if (avoid_dns) {
+ /*
+ * Determine if this is a server name, or an IP address.
+ * If it is an IP address, do the DNS lookup otherwise
+ * skip the DNS lookup.
+ */
+ servername = 0;
- if (strchr(name, '.') && inet_pton(AF_INET, name, buf) == 1)
+ if (strchr(name, '.') && inet_pton(AF_INET, name, buf) == 0)
- servername = 1; /* IPv4 */
+ servername = 1; /* IPv4 */
- else if (strchr(name, ':') && inet_pton(AF_INET6, name, buf) ==
1)
+ else if (strchr(name, ':') && inet_pton(AF_INET6, name, buf) ==
0)
- servername = 1; /* or IPv6 */
-
- if (servername) {
- return strdup(name);
- }
- }
+ servername = 1; /* or IPv6 */
+
+ if (servername) {
+ return strdup(name);
+ }
+ }
Is there any way to get either 1) the updated version of nfs-utils or 2)
this patch applied to xenial (and, hopefully, other versions of ubuntu)?
Thank you for looking at this!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1697339
Title:
rpc.gssd performs reverse DNS by default (regardless of -D flag)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
The attachment "patch file of proposed fix (if necessary)" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu- reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1697339] Re: rpc.gssd performs reverse DNS by default (regardless of -D flag)
** Patch added: "patch file of proposed fix (if necessary)" https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+attachment/4894308/+files/gssd_proc.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1697339 Title: rpc.gssd performs reverse DNS by default (regardless of -D flag) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/1697339/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
